India is facing serious cyber threats some from other nations while some from within the nation. Some of the very crucial aspects of cyber security are missing in India. For instance, we have no implementable cyber security policy in India.

In these circumstances, the allegations by the department of electronics and information technology (DeitY) that national technical research organisation (NTRO), India’s technical intelligence gathering agency, cracked into national informatics center (NIC) network came as a surprise.

To substantiate its claim, DeitY has cited a report prepared by its operations division, the Indian Computer Emergency Response Team (I-CERT), listing specific instances when NTRO reportedly hacked into NIC infrastructure and extracted sensitive data connected to various ministries.

Obviously, NTRO has refuted these claims. It is also learnt that NIC refused to give relevant logs to NTRO to conduct penetrative testing. NIC provides internet connectivity to all ministries and its NICNET has institutional linkages with the central government, state governments and union territories. All government officials have email IDs issued by NIC.

The National Security Advisor, Shivshankar Menon, was also informed about this fact in February this year. The IB and R&AW are reported to have told the government that NTRO’s role should be downgraded to that of a service provider. We would report more on this issue soon.